On tis, 2007-09-25 at 10:45 -0700, Srinivas B wrote: > My question is, I use one > > https_port < with certs matching domain xyz.mydomain.com> > > Our firewall is configured such a way that https requests coming to > xyz.mydomain.com and abc.mydomain.com are forwarded to squid. > > can I use url_rewrite_program to redirect requests with hostname > abc.mydomain.com to xyz.mydomain.com (without showing the user a > security warning message.) If the browser tries to connet to abc.mydomain.com:443 which translates to an ip:443 it expects the server to present a certificate matching abc.mydomain.com. This all takes place before the browser sends the HTTP request containing the requested hostname, so no. If you want to use SSL then you need an unique ip:port per certificate you want to present. If the browser thinks it is connecting to one host and is presented a certificate not matching the requested host it will complain about certificate mismatch. Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
